Senior Analyst, Governance Risk and Compliance
Brooklyn, NY (Rent the Runway HQ)
Rent the RunwayRent the Runway is the premier subscription fashion service that powers people to rent designer styles for work, weekends and events. Membership trials from $69.
Rent the Runway (RTR) is transforming the way we get dressed by pioneering the world’s first Closet in the Cloud. Founded in 2009, RTR has disrupted the $2.4 trillion fashion industry by inspiring women with a more joyful, sustainable and financially-savvy way to feel their best every day. As the ultimate destination for circular fashion, the brand now offers infinite points of access to its shared closet via a fully customizable subscription to fashion, one-time rental or ownership. RTR offers designer apparel, accessories and home decor from 700+ brand partners and has built in-house proprietary technology and a one-of-a-kind reverse logistics operation. Under CEO and Co-Founder Jennifer Hyman’s leadership, RTR has been named to CNBC’s “Disruptor 50” five times in ten years, and has been placed on Fast Company’s Most Innovative Companies list multiple times, while Hyman herself has been named to the “TIME 100” most influential people in the world and as one of People magazine’s “Women Changing the World.”
About the Job:
The Governance Risk and Compliance Analyst is a position within the team with technology, security risk, and compliance responsibilities across the organization. Working closely with the Director of Governance, Risk and Compliance, this position will be responsible for assessing and testing processes and controls to raise the overall compliance and security posture as well as reduce and mitigate risk levels for RTR. Working across multiple frameworks and regulatory standards including, but not limited to SOX, GDPR, CCPA, PCI-DSS, NIST CSF, etc. This individual will have exposure to all parts of the business including Software Engineering, Finance, Corporate Systems, Operations, Legal, Internal Audit and other stakeholders.
What You’ll Do:
- Work with the Director of Governance Risk and Compliance on an organization-wide IT and information security compliance program, ensuring IT activities, processes, and procedures meet defined requirements, policies and regulations
- Responsible for assessing and documenting IT and security risk and compliance based on process and control walkthroughs or testing while working with the Director of Governance, Risk, and Compliance to determine potential solutions that are appropriate for Rent the Runway’s business and system architecture
- Responsible for carrying out internal and 3rd party audits/assessments, as well as facilitate evidence collection
- Responsible for carrying out internal security risk assessments at all levels of the business including assets and third parties
- Interacts with technology-focused teams and business stakeholders to understand risks to critical systems and data by understanding potential business impact of mitigation strategies
- 4+ years experience in IT and security governance, risk, or compliance functions
- Deep understanding of IT controls at the systems, network, and application level
- Experience in IT general controls audits from test design to remediation
- Understanding of information security domains including web application and cloud security concepts
- Experience conducting risk assessments at organizational, product, asset, and third party levels
- Knowledge of IT risk frameworks such as COBIT
- Knowledge of security and privacy frameworks such as NIST, SOX, PCI, ISO, GDPR, CCPA
- Knowledge of cloud services (IaaS, PaaS, Saas), databases, infrastructure
- Experience working in cross-functional settings including IT, engineering, and business stakeholders
- Excellent interpersonal, communication, and presentation skills, including report writing experience
- Understanding and belief that compliance is never a “one size fits all”
At Rent the Runway, we’re committed to the wellbeing of our employees, and aim to create a workplace that fosters both personal and professional growth. Our inclusive benefits include, but are not limited to:
- Paid Time Off including vacation, paid bereavement, and family sick leave - every employee needs time to take care of themselves and their family.
- Universal Paid Parental Leave for both parents + flexible return to work program - because we know your newest family member(s) deserve your undivided attention.
- Paid Sabbatical after 5 years of continuous service - Unplug, recharge, and have some fun!
- Exclusive employee subscription and rental discounts - to ensure you experience the magic of renting the runway (and give us valued feedback!).
- Comprehensive health, vision, dental, FSA and dependent care from day 1 of employment - Your health comes first and we’ve got you covered.
- 401k match - an investment in your future.
- Company wide events and outings - our team spirit is no joke - we know how to have fun!
- Hybrid Work - when our corporate employees return to the office post COVID they will have the option to work remotely 2-3 days a week, in accordance with Company policies.
COVID-19 VACCINE REQUIREMENT:
RTR is requiring all US corporate employees to be fully vaccinated for COVID-19 in order to work in person, unless an employee requires a reasonable accommodation for medical or religious reasons. If you believe that you may require an accommodation, please apply for any roles that interest you and if hired, you will receive information on how to request a reasonable accommodation after your start date. RTR will evaluate all such requests in accordance with Company policy and applicable law.
Rent the Runway is an equal opportunity employer. In accordance with applicable law, we prohibit discrimination against any applicant or employee based on any legally-recognized basis, including, but not limited to: race, color, religion, sex (including pregnancy, lactation, childbirth or related medical conditions), sexual orientation, gender identity, age (40 and over), national origin or ancestry, citizenship status, physical or mental disability, genetic information (including testing and characteristics), veteran status, uniformed service member status or any other status protected by federal, state or local law.
The anticipated base salary for this position is $90,400 to $113,000. The actual base salary offered will depend on a variety of factors, including without limitation, the qualifications of the individual applicant for the position, years of relevant experience, level of education attained, certifications or other professional licenses held. This position is also eligible for equity compensation.
More jobs like this
Highlands Ranch, CO, United … Highlands Ranch, CO, United States Full TimeSenior Senior-levelUSD 67K - 112K * USD 67K+ *
Cybersecurity Operations Analyst, Applied CryptographyAutomation Certificate management Cloud Compliance Cryptography Encryption FIPS 140-2 +2
Equity Flex hours Flex vacation Health care Insurance +2
Boston, Massachusetts, United States Boston, Massachusetts, United States Full TimeSenior Senior-levelUSD 52K - 99K USD 52K+
Global Atlantic Financial Group
Analyst, Cyber Threat and VulnerabilityActive Directory AWS Azure C CEH CISSP Cloud +38
401(k) matching Career development Competitive pay Equity Fertility benefits +10
Explore more InfoSec/Cybersecurity career opportunities
Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cyber Security in general, filtered by job title or popular skill, toolset and products used.
- Open Information Security Specialist jobs
- Open Information Security Officer jobs
- Open Staff Product Security Engineer jobs
- Open Senior Security Operations Engineer jobs
- Open Head of Information Security jobs
- Open Senior SOC Analyst jobs
- Open IT Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Security Consultant jobs
- Open Information System Security Officer (ISSO) jobs
- Open Lead Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Infrastructure Security Engineer jobs
- Open Staff Application Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open IT Security Analyst jobs
- Open Senior Cybersecurity Engineer jobs
- Open Senior Information Security Engineer jobs
- Open Senior Infrastructure Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Offensive Security Engineer jobs
- Open Senior Security Analyst jobs
- Open Senior Air Defense/BMD Subject Matter Expert jobs
- Open Cyber Program Manager jobs
- Open Clearance-related jobs
- Open GCP-related jobs
- Open Pentesting-related jobs
- Open Governance-related jobs
- Open Network security-related jobs
- Open Risk assessment-related jobs
- Open SaaS-related jobs
- Open ISO 27001-related jobs
- Open Forensics-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Vulnerability management-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open Cryptography-related jobs
- Open CISM-related jobs
- Open Threat intelligence-related jobs
- Open Analytics-related jobs
- Open Kubernetes-related jobs
- Open APIs-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open IPS-related jobs
- Open TCP/IP-related jobs
- Open DevSecOps-related jobs